Pentagon Considers Nuclear Retaliation To Big Cyber Attacks

According to the draft for the Pentagon’s 2018 Nuclear Posture Review, the US would consider using nuclear weapons to respond to non-nuclear attacks.

While the Pentagon’s proposed policy change suggests the US should “only consider the use of nuclear weapons in extreme circumstances to defend the vital interests of the United States or its allies and partners,” large cyber-attacks are considered “extreme circumstances.”

After reviewing threats posed by Russia, China, North Korea and Iran, the document reads:

'The United States would only consider the use of nuclear weapons in extreme circumstances to defend the vital interests of the United States, its allies, and partners. Extreme circumstance could include significant non-nuclear strategic attacks. Significant non-nuclear strategic attacks include, but are not limited to, attacks on the US, allied, or partner civilian population or infrastructure, and attacks on US or allied nuclear forces, their command and control, or warning and attack assessment capabilities.'

Notice that “cyber-attack” is not specifically mentioned, but officials who asked to remain anonymous told The New York Times that “large cyber-attacks” could warrant a nuclear response.

Three current and former senior government officials said large cyber-attacks against the United States and its interests would be included in the kinds of foreign aggression that could justify a nuclear response — though they stressed there would be other, more conventional options for retaliation.

The NPR draft acknowledged that Russia has a “new intercontinental, nuclear-armed, undersea autonomous torpedo” and is “developing and deploying new nuclear warheads and launchers.” Russia, the document claims, believes that limited nuclear first use of low-yield weapons would give it an advantage. “Correcting this mistaken Russian perception is a strategic imperative,” it says.

Therefore, the US should develop smaller nukes, new “low-yield” nuclear weapons, which would “enhance deterrence.” One new nuke would be a cruise missile fired from submarines and another a “low-yield” warhead for ballistic missiles from subs.
The US doesn't need more Nukes

But Alexandra Bell, a former senior adviser at the State Department and current senior policy director at the Center for Arms Control and Non-Proliferation, told the Huffington Post, the US already has “4,000 nuclear weapons in our active stockpile, which is more than enough to destroy the world many times over. “So I don’t think it makes a convincing case that we somehow lack capabilities. And, in fact, I don’t think you can make the case that this president needs any more capabilities.”
Two weeks ago, President Donald Trump was bragging about having a “much bigger” and “more powerful” nuclear button that North Korean leader Kim Jong Un.

During the Cold War, nukes guaranteed mutually assured destruction. That same mutual assured destruction has been applied to large-scale cyberwar, knock out our power grid, and we will knock out yours type thing. 

It remains to be seen if the threat of nuking a country for pulling off large cyber-attacks would serve as a deterrent or be the start of doomsday. “Almost everything about this radical new policy will blur the line between nuclear and conventional,” Andrew C. Weber, an assistant defense secretary during the Obama administration, told The New York Times. If the draft is adopted as is, the new policy “will make nuclear war a lot more likely.”

The draft, called “pre-decisional” by the Pentagon, is currently being reviewed by the White House. The final version is expected to be released in February.

CSO Online

You Migh Also Read: 

World Economic Leaders Fear Increasing Cyber Attacks:

Army Chief Urges  UK To Increase Cyber Defence & Attack Capabilities:

2018 Predictions: Full-Scale Cyber War:

 

 

« World Economic Leaders Fear Increasing Cyber Attacks
Employees Are Key To Cybersecurity »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Atlantic Council

Atlantic Council

The Atlantic Council's Cyber Statecraft Initiative focuses on international cooperation, competition, and conflict in cyberspace.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

NSA Career Development Programs

NSA Career Development Programs

NSA offers entry-level programs to help employees enhance their skills, improve their understanding of a specific discipline and even cross-train into a new career field.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

ZecOps

ZecOps

ZecOps is a cybersecurity automation company offering solutions for servers, endpoints, mobile devices, and custom devices.

CYBRScore

CYBRScore

CYBRScore is a premium, performance-based cyber skills training and assessment provider that quantifies a user’s ability to defend a network.

Omnipotech

Omnipotech

Omnipotech is a complete managed service provider. From desktop to datacenter, all the technology support you need, under one umbrella.

Dataprise

Dataprise

Dataprise is a leading IT managed services provider offering IT Management and Help Desk Support Services, Cloud Services, Information Security Solution, IT Strategy and Consulting.

Luxembourg House of Financial Technology (LHoFT)

Luxembourg House of Financial Technology (LHoFT)

Offering start-up incubation, co-working spaces including a soft-landing platform, the LHoFT connects and creates value for the entire Luxembourg FinTech ecosystem.

Eureka Security

Eureka Security

Eureka help organizations securely use any cloud data storage technology they need without having to compromise on security.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

Involta

Involta

Involta orchestrates IT transformation journeys using well-defined and rigorous processes to deliver hybrid cloud solutions, consulting and data center services tailored to our clients’ needs.

EasyDMARC

EasyDMARC

EasyDMARC deliver the most comprehensive product for anyone who strives to build the most secure possible defence system for their email ecosystem.

Securadin

Securadin

Securadin - Defending Your Data Security. We will assist you in learning how to maintain the confidentiality, integrity, and availability of your organization's assets.

Harmonia Holdings Group

Harmonia Holdings Group

Harmonia Holdings Group was born in 2006 with the vision to bring innovation and change to the federal IT sector.